
Data Security

Protecting Your Data

Data is the lifeblood of most organizations. As the value of data continues to increase, so do the complexities around protection. The volume of data is increasing exponentially, the variety of data is expanding, and the velocity with which the data needs to traverse the enterprise landscape is higher than ever before. Protecting data today also means doing so across a hybrid cloud landscape that, in most cases, is accessed by a remote workforce.


Confidentiality, Integrity, and Availability

Achieving secure data protection across ALL data repositories means understanding the CIA Triad (Confidentiality, Integrity, Availability).
 
  • “Confidentiality” requires validating that data is only accessible to intended and authorized parties with consideration towards PII or PHI where there may be legal or regulatory requirements. Addressing confidentiality is a journey, an ongoing exercise to address items such as privilege creep (privileges growing over time as roles change).
  • “Integrity” of the data must also be maintained over the life of the data, ensuring that it is not modified unintentionally or without authorization by a system, application, or user.
  • “Availability” applies to data the same as it does to systems, networks, and applications. Ransomware is one threat example that can impact availability, confidentiality, and integrity. Additional threats, such as insider threats, can be intentional and malicious events affecting the CIA triad, or unintentional acts by insiders who have access to data.

Data Governance

Before implementing controls to protect the confidentiality, integrity, and availability of your data, you need to:

  • Define your data architecture and implement sound data governance. This includes mapping and understanding where your data resides and identifying the following:
      • Data owner (resource responsible for the risk associated with the data)
      • Data steward (resource responsible for the use of the data)
      • Data custodian (resource responsible for the technical aspects of applying and maintaining the confidentiality, integrity, and availability of the data)
  • Identify the data itself through data classification (what is the data and its purpose?), determine overall data lifecycle (how long should it be retained?), identify any data residency, sovereignty, or localization requirements, etc.

The above items are components of the overall data architecture. The actions or processes that you create around these items become your data governance strategy. 

Data Protection Strategy

Once the data architecture is mapped, consider implementing appropriate controls and/or tuning existing controls to maintain the CIA of the data.
 
  • Build a data protection strategy. This strategy includes mapping the data protection controls to ALL data and ensuring at least one immutable copy of the backup, preventing malware, ransomware, etc., from compromising both the primary and backup data sets. The execution of the strategy must result in a Recovery Point and Recovery Time for each data set that meets business requirements. 
  • Additional controls include data-at-rest and data-in-motion obfuscation tactics that may consist of encryption and encryption key management to securely manage the keys used for encryption solutions in your environment.
  • Data Loss Prevention (DLP) controls should be considered to protect the confidentiality of your data by preventing data leaks outside of your organization and/or to unauthorized parties. DLP solutions function by looking for data elements such as PII (SSNs, credit card numbers, etc.) and alerting on and/or blocking the exfiltration or movement of such data to unauthorized users.
  • Data classification tools can also be used to build meta-data ABOUT your data. This can then be used to protect your data further when combined with DLP solutions. 
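
The DLP and classification bullets above, sketched as a minimal content-inspection check. This is an added example, not code from Solutions II or any DLP product. The `INTERNAL_DOMAINS` set, the `restricted` label, and the allow/alert/block actions are assumptions chosen for illustration.

```python
import re

INTERNAL_DOMAINS = {"example.com"}  # assumed: recipient domains treated as authorized
# SSN shape, excluding never-issued ranges (area 000/666/9xx, group 00, serial 0000).
SSN_RE = re.compile(r"\b(?!000|666|9\d\d)(\d{3})-(?!00)(\d{2})-(?!0000)(\d{4})\b")
# 13 to 19 digits, optionally separated by single spaces or dashes.
CARD_RE = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")

def luhn_ok(digits: str) -> bool:
    """Luhn checksum: rejects digit runs (order ids, refs) that are not card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:                      # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def find_pii(text: str) -> list[tuple[str, str]]:
    """Return (kind, masked_value) findings; masking keeps PII out of the alert log."""
    findings = [("ssn", "***-**-" + m.group(3)) for m in SSN_RE.finditer(text)]
    for m in CARD_RE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group())
        if luhn_ok(digits):
            findings.append(("card", "*" * (len(digits) - 4) + digits[-4:]))
    return findings

def evaluate(text: str, recipient: str, classification: str = "internal") -> dict:
    """Decide allow / alert / block for one outbound message."""
    findings = find_pii(text)
    external = recipient.rsplit("@", 1)[-1].lower() not in INTERNAL_DOMAINS
    if external and (findings or classification == "restricted"):
        action = "block"    # PII or restricted-labelled data leaving the organization
    elif findings:
        action = "alert"    # PII moving internally: record for review
    else:
        action = "allow"
    return {"action": action, "findings": findings}

if __name__ == "__main__":
    # Constructed sample messages, not real data.
    for text, rcpt, label in [
        ("Invoice ref 1234567890123", "bob@partner.test", "internal"),
        ("Employee SSN 123-45-6789 for payroll", "hr@example.com", "internal"),
        ("Card 4111 1111 1111 1111 exp 12/30", "bob@partner.test", "internal"),
        ("Q3 roadmap draft", "bob@partner.test", "restricted"),
    ]:
        print(rcpt, label, evaluate(text, rcpt, label))
```

The last sample shows why classification metadata adds to pattern matching: the message contains no detectable PII, yet its label alone stops it from leaving the organization.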
The above items, including discovery, architecture, governance, implementation, and ongoing support of various data protection controls, are areas in which Solutions II has deep subject matter expertise. If any of these are a concern or need within your organization, please reach out, and we will be happy to help!

Leverage Our Data Security Expertise

We can help you with discovery, architecture, governance, implementation and ongoing support of the various data protection controls.
